ietf-mailsig
[Top] [All Lists]

Re: transition to MASS, was Why we really don't require requirements

2004-10-10 22:44:36


On 10 Oct 2004, John R Levine wrote:

If Pine adds Mime-Version header, that means its MIME email and if you're
sending to application that does not handle MIME, you should not be doing
it

Sorry, that's completely wrong.  MIME is carefully designed to
interoperate as well as possible with non-MIME applications. Pine
sends mail flawlessly to recipients that don't do MIME, because one
of the few things that even primitive MUAs and MTAs do reliably is to 
ignore headers they don't understand.

My statement was that Pine sends MIME emails which it does. That the same
email can still be seen in exactly same way by non-mime readers when such 
email contains no attachments is good feature, but it does not change the 
fact that Pine is MIME email MUA and that while some of its emails maybe 
easy to read in non-mime MUAs, other ones are harder. So I'm correct in 
saying that if you want to be absolutly certain that your email can be 
read in non-MIME MUA, you should send it from some other MUA.

And as you said MIME is designed to inteoperate with non-mime aware systems
and such systems will simply see additional text that comes from MIME 
encapsulation - this is not a fatal problem for any non-MIME MTA or even
to non-MIME MUA (which are now almost non-existant) - users can still make
sense of what is there and would just need to ignore some extra lines on top.
Even old non-MIME aware automated systems all knew they can't rely on some 
data appearing on first or 2nd line of email - all email templates I'ver 
ever dealt with have "Label: data" as way to include data in email (many
here probably still remember old internic registration template, well 
as far as I know Internic did not have MIME aware template parser and it
still worked fine when email was more complex then just simple text, like
when it was PGP signed - this I tried on my own).

As far as your protest about possible problems for devices that cant
handle MIME, I do not think its a strong point and I'm guessing it would
apply to less then 0.0001% email messages. In fact I'm betting it would
apply to 10,000 less cases than if we use your preferred DomainKeys
which signature breaks with all mail lists or if we use SPF which breaks
forwarding (but forwarding servers are more central and easier to upgrade
then all mail lists).

I am 100% sure that you are pulling your numbers out of thin air.  When
you have some real data, please let us know.

I did say I was "guessing" and I'd love to get real data myself. I did 
check my mailbox and out of last 10,000 messages in it I found 17 that 
did not contain mime-version header - that is very very low number.

And you said you know which mail systems are not mime comliant and 
have problems with MIME encapsulations, so please do tell me so I could
check specifically how common they are, I simply don't know of any
such system myself.

And as far as mail lists being on the big order of magnitude more common
then such systems, I doubt my "guess" is wrong.

By the way, if you think that MIME will magicially preserve MASS
signatures through mailing lists that rewrite subject lines and other
headers and add footers and other junk to message bodies, you have a lot
more faith in its powers than I think is warranted.

We don't have "MASS signatures" yet so neither you nor me know how MASS 
would deal with it until we decide what MASS is going to be.

But as far as my faith that its possible, I actually did test how well
MTA Signatures survive mail list processing with couple different mail 
list systems (majordomo, mailman) and signature verified (changes included
both modifications to headers and addition of "junk" to email body)
and I do intend to run more tests with other systems in the future.

I'm actually more worried about some custom email processing systems that 
do something wierd if they see "content-transfer-encoding: 8-bit" or if
they try to convert "iso-8859-x" to "us-ascii". But I suspect that the 
same problems would exist for other email signature proposals that put 
signature into header.

-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net


<Prev in Thread] Current Thread [Next in Thread>